3 matches found
Mageia: Security Advisory (MGASA-2021-0337)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-15260 Existing TLS connections can be reused without checking remote hostname
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is...
CVE-2020-15260
CVE-2020-15260 concerns the PJSIP library. In versions up to 2.10, TLS connections may be reused if they share the same IP, port, and protocol, without proper remote hostname authentication. This can allow an attacker to leverage DNS or routing to force a TLS connection to a different hostname th...